CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2009-1590
https://notcve.org/view.php?id=CVE-2009-1590
Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows remote attackers to send email to arbitrary recipients via a web form. Vulnerabilidad no especificada en CGI RESCUE FORM2MAIL anterior a v1.42 permite a atacantes remotos enviar correos electrónicos a destinatarios de su elección mediante un formulario web. • http://jvn.jp/en/jp/JVN76370393/index.html http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000023.html http://osvdb.org/54097 http://secunia.com/advisories/34869 http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20081213132937 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2008-5723
https://notcve.org/view.php?id=CVE-2008-5723
Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka KanniBBS2000i, MiniBBS2000, and MiniBBS2000i) before 1.03 allows remote attackers to read arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en CGI RESCUE KanniBBS2000 (también conocido como KanniBBS2000i, MiniBBS2000 y MiniBBS2000i) antes de v1.03 permite a atacantes remotos leer archivos de su elección mediante vectores no especificados. • http://jvn.jp/en/jp/JVN86833991/index.html http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000078.html http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20081113221811 http://www.securityfocus.com/bid/32485 https://exchange.xforce.ibmcloud.com/vulnerabilities/46972 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4655
https://notcve.org/view.php?id=CVE-2007-4655
Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi. Múltiples vulnerabilidades de escalado de directorio en el CGI RESCUE Shopping Basket Professional 7.51 y versiones anteriores permiten a atacantes remotos listar directorios de su elección y, posiblemente, leer directorios de su elección, a través de secuencias de escalado de directorios en parámetros sin especificar a (1) list.cgi o (2) list2.cgi. • http://jvn.jp/jp/JVN%2320452446/index.html http://osvdb.org/40146 http://osvdb.org/40147 http://secunia.com/advisories/26614 http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20070823212803 http://www.securityfocus.com/bid/25500 https://exchange.xforce.ibmcloud.com/vulnerabilities/36389 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2007-0565
https://notcve.org/view.php?id=CVE-2007-0565
CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via unspecified vectors. CGI-Rescue Shopping Basket Professional versión 7.50 y anteriores, permite a atacantes remotos inyectar comandos arbitrarios de sistema operativo por medio de vectores no especificados. • http://jvn.jp/jp/JVN%2382258242/index.html http://osvdb.org/31622 http://secunia.com/advisories/23909 http://www.securityfocus.com/bid/22245 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2007-0547
https://notcve.org/view.php?id=CVE-2007-0547
Cross-site scripting (XSS) vulnerability in CGI-RESCUE WebFORM 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en CGI-RESCUE WebFORM 4.3 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de vectores no especificados. • http://jvn.jp/jp/JVN%2305123538/index.html http://osvdb.org/32964 http://secunia.com/advisories/23913 http://www.vupen.com/english/advisories/2007/0344 •